ESET® ENTERPRISE INSPECTOR

Uncover the unknown in your network with our EDR solution

110m+users worldwide

400k+business customers

200+countries & territories

13global R&D centers

ESET Enterprise Inspector

An Endpoint Detection & Response tool designed to exploit ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real time endpoint data. The result is complete prevention, detection and response solutions for quick analysis and remediation of any security issue in the network enabling organizations to take immediate action to:

Detect advanced persistent threats

Stop file less attacks

Block zero-day threats

Protect against ransomware

Neutralize state-sponsored attacks

Open architecture & integrations

ESET Enterprise Inspector provides a unique behavior and reputation based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning or easily created to match the needs of specific enterprise environments, including SIEM integrations.

Adjustable sensitivity

Utilize ESET’s Endpoint Detection and Response tool to easily suppress false alarms by adjusting the sensitivity of detection rules for different computer groups or users. Combine criteria such as file name / path / hash / command line / signer to fine-tune the trigger conditions.

Historic Threat Hunting

Easily adjust behavior rules with ESET Enterprise Inspector, then "re-scan" the entire events database. This allows you to then identify any new alerts triggered by the adjusted detection rules. No longer are you searching for a static IOC, but for dynamic behavior with multiple parameters.

Synchronized response

ESET’s Endpoint Detection and Response tool is built on top of existing ESET endpoint security solutions, creating a consistent ecosystem that allows cross-linking of all relevant objects and synchronized remediation of incidents.

Use cases

PROBLEM Threat Hunting & Blocking

Your early warning system or Security Operation Center (SOC) delivers a new threat warning. What are your next steps?

SOLUTION

Leverage early warning system to retrieve data on upcoming or new threats.

Search all computers for existence of new threat.

Search all computers for indicators of compromise that threat existed prior to warning.

Block threat from being able to infiltrate network or execute within organization.

The ESET difference

Threat Hunting

Apply filters to sort data based on file popularity, reputation, digital signature, behavior or contextual information. Setting up multiple filters enables automated, easy threat hunting, including for APTs and targeted attacks, which can be customized to each company’s environment.

Investigation and Remediation

Use a built-in set of rules or create your own rules to respond to detected incidents. Each triggered alarm features a proposed next step to be performed for remediation. This quick response functionality helps to ensure that any single incident will not fall through the cracks.

Incident Detection (Root cause analysis)

Quickly and easily view all security incidents in the alarms section. With a few clicks security teams can see a full root cause analysis that includes: what was affected, where and when the executable, script, or action was performed.

In cloud or on-premise

Taking advantage of ESET’S flexible and secure architecture, ESET Enterprise Inspector allows on-premise as well as cloud deployment for better scalability based on the company size and needs.

Anomaly and behavior detection

Check actions that were carried out by an executable and utilize ESET’s LiveGrid® Reputation system to quickly assess if executed processes are safe or suspicious. Grouping of computers by user, department or other criteria allows security teams to quickly identify if the user is entitled to perform a specific action or if an action is out of the ordinary.

Company Policy Violation

Block malicious modules from being executed on any computer in your organization’s network. ESET Enterprise Inspector’s open architecture offers the flexibility to detect violations of policies about using specific software like torrent applications, cloud storages, tor browsing or other unwanted software.